MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-04-01 02:03:42 -04:00
Code Issues Packages Projects Releases Wiki Activity

Choose right users in federation mode for CopyObject (#6895)

Browse Source
This commit is contained in:
Harshavardhana 2018-11-29 17:35:11 -08:00 committed by kannappanr
parent 6a8ccc5925
commit bef7c01c58
3 changed files with 24 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/generic-handlers.go
View File

@ -625,7 +625,9 @@ type bucketForwardingHandler struct {
} }
func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if globalDNSConfig == nil || globalDomainName == "" || guessIsBrowserReq(r) || guessIsHealthCheckReq(r) || guessIsMetricsReq(r) || guessIsRPCReq(r) { if globalDNSConfig == nil || globalDomainName == "" ||
guessIsBrowserReq(r) || guessIsHealthCheckReq(r) ||
guessIsMetricsReq(r) || guessIsRPCReq(r) || isAdminReq(r) {
f.handler.ServeHTTP(w, r) f.handler.ServeHTTP(w, r)
return return
} }

12
cmd/handler-utils.go
View File

@ -28,6 +28,7 @@ import (
"strings" "strings"
"github.com/minio/minio/cmd/logger" "github.com/minio/minio/cmd/logger"
"github.com/minio/minio/pkg/auth"
"github.com/minio/minio/pkg/handlers" "github.com/minio/minio/pkg/handlers"
httptracer "github.com/minio/minio/pkg/handlers" httptracer "github.com/minio/minio/pkg/handlers"
) )
@ -176,13 +177,13 @@ func getRedirectPostRawQuery(objInfo ObjectInfo) string {
return redirectValues.Encode() return redirectValues.Encode()
} }
// Returns access key in the request Authorization header. // Returns access credentials in the request Authorization header.
func getReqAccessKey(r *http.Request, region string) (accessKey string) { func getReqAccessCred(r *http.Request, region string) (cred auth.Credentials) {
cred, _, _ := getReqAccessKeyV4(r, region) cred, _, _ = getReqAccessKeyV4(r, region)
if cred.AccessKey == "" { if cred.AccessKey == "" {
cred, _, _ = getReqAccessKeyV2(r) cred, _, _ = getReqAccessKeyV2(r)
} }
return cred.AccessKey return cred
} }
// Extract request params to be sent with event notifiation. // Extract request params to be sent with event notifiation.
@ -192,10 +193,11 @@ func extractReqParams(r *http.Request) map[string]string {
} }
region := globalServerConfig.GetRegion() region := globalServerConfig.GetRegion()
cred := getReqAccessCred(r, region)
// Success. // Success.
return map[string]string{ return map[string]string{
"region": region, "region": region,
"accessKey": getReqAccessKey(r, region), "accessKey": cred.AccessKey,
"sourceIPAddress": handlers.GetSourceIP(r), "sourceIPAddress": handlers.GetSourceIP(r),
// Add more fields here. // Add more fields here.
} }

29
cmd/object-handlers.go
View File

@ -644,6 +644,15 @@ func getCpObjMetadataFromHeader(ctx context.Context, r *http.Request, userMeta m
return defaultMeta, nil return defaultMeta, nil
} }
// Returns a minio-go Client configured to access remote host described by destDNSRecord
// Applicable only in a federated deployment
var getRemoteInstanceClient = func(r *http.Request, host string, port int) (*miniogo.Core, error) {
// In a federated deployment, all the instances share config files and hence expected to have same
// credentials, make sure to send the same credentials for which the request came in.
cred := getReqAccessCred(r, globalServerConfig.GetRegion())
return miniogo.NewCore(net.JoinHostPort(host, strconv.Itoa(port)), cred.AccessKey, cred.SecretKey, globalIsSSL)
}
// CopyObjectHandler - Copy Object // CopyObjectHandler - Copy Object
// ---------- // ----------
// This implementation of the PUT operation adds an object to a bucket // This implementation of the PUT operation adds an object to a bucket
@ -949,17 +958,6 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
var objInfo ObjectInfo var objInfo ObjectInfo
// Returns a minio-go Client configured to access remote host described by destDNSRecord
// Applicable only in a federated deployment
var getRemoteInstanceClient = func(host string, port int) (*miniogo.Core, error) {
// In a federated deployment, all the instances share config files and hence expected to have same
// credentials. So, access current instances creds and use it to create client for remote instance
endpoint := net.JoinHostPort(host, strconv.Itoa(port))
accessKey := globalServerConfig.Credential.AccessKey
secretKey := globalServerConfig.Credential.SecretKey
return miniogo.NewCore(endpoint, accessKey, secretKey, globalIsSSL)
}
if isRemoteCallRequired(ctx, srcBucket, dstBucket, objectAPI) { if isRemoteCallRequired(ctx, srcBucket, dstBucket, objectAPI) {
if globalDNSConfig == nil { if globalDNSConfig == nil {
writeErrorResponse(w, ErrNoSuchBucket, r.URL, guessIsBrowserReq(r)) writeErrorResponse(w, ErrNoSuchBucket, r.URL, guessIsBrowserReq(r))
@ -969,14 +967,15 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
if dstRecords, err = globalDNSConfig.Get(dstBucket); err == nil { if dstRecords, err = globalDNSConfig.Get(dstBucket); err == nil {
// Send PutObject request to appropriate instance (in federated deployment) // Send PutObject request to appropriate instance (in federated deployment)
host, port := getRandomHostPort(dstRecords) host, port := getRandomHostPort(dstRecords)
client, rerr := getRemoteInstanceClient(host, port) client, rerr := getRemoteInstanceClient(r, host, port)
if rerr != nil { if rerr != nil {
writeErrorResponse(w, ErrInternalError, r.URL, guessIsBrowserReq(r)) writeErrorResponse(w, toAPIErrorCode(ctx, rerr), r.URL, guessIsBrowserReq(r))
return return
} }
remoteObjInfo, rerr := client.PutObject(dstBucket, dstObject, srcInfo.Reader, srcInfo.Size, "", "", srcInfo.UserDefined, dstOpts.ServerSideEncryption) remoteObjInfo, rerr := client.PutObject(dstBucket, dstObject, srcInfo.Reader,
srcInfo.Size, "", "", srcInfo.UserDefined, dstOpts.ServerSideEncryption)
if rerr != nil { if rerr != nil {
writeErrorResponse(w, ErrInternalError, r.URL, guessIsBrowserReq(r)) writeErrorResponse(w, toAPIErrorCode(ctx, rerr), r.URL, guessIsBrowserReq(r))
return return
} }
objInfo.ETag = remoteObjInfo.ETag objInfo.ETag = remoteObjInfo.ETag